pod(五):pod hook(pod钩子)和优雅的关闭nginx pod

时间:2022-11-02 12:10:08

服务器版本 docker软件版本 Kubernetes(k8s)集群版本 CPU架构
CentOS Linux release 7.4.1708 (Core) Docker version 20.10.12 v1.21.9 x86_64

Kubernetes集群架构:k8scloude1作为master节点,k8scloude2,k8scloude3作为worker节点

服务器 操作系统版本 CPU架构 进程 功能描述
k8scloude1/192.168.110.130 CentOS Linux release 7.4.1708 (Core) x86_64 docker,kube-apiserver,etcd,kube-scheduler,kube-controller-manager,kubelet,kube-proxy,coredns,calico k8s master节点
k8scloude2/192.168.110.129 CentOS Linux release 7.4.1708 (Core) x86_64 docker,kubelet,kube-proxy,calico k8s worker节点
k8scloude3/192.168.110.128 CentOS Linux release 7.4.1708 (Core) x86_64 docker,kubelet,kube-proxy,calico k8s worker节点

二.前言

本文介绍pod hook(pod钩子)和如何优雅的关闭nginx pod。

管理pod的前提是已经有一套可以正常运行的Kubernetes集群,关于Kubernetes(k8s)集群的安装部署,可以查看博客《Centos7 安装部署Kubernetes(k8s)集群》https://www.cnblogs.com/renshengdezheli/p/16686769.html

三.pod hook(pod钩子)

为容器的生命周期事件设置处理函数,Kubernetes 支持 postStart 和 preStop 事件。 当一个容器启动后,Kubernetes 将立即发送 postStart 事件;在容器被终结之前, Kubernetes 将发送一个 preStop 事件。容器可以为每个事件指定一个处理程序。

pod hook:目前pod3容器里运行的是nginx进程,在启动容器的时候,除了主进程,还想启动一个进程,怎么办?这时候就需要使用pod hook(pod 钩子),pod hook有两个选项:

  • postStart:容器启动之后执行XXXX,和主进程是同时运行起来的,并没有先后顺序;
  • preStop:在容器关闭之前执行XXXX

postStart例子:容器启动之后执行"/bin/sh","-c","date >> /tmp/bb.txt",打印日期到/tmp/bb.txt文件

[root@k8scloude1 pod]# vim pod3.yaml 

[root@k8scloude1 pod]# cat pod3.yaml 
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: pod3
  name: pod3
spec:
  terminationGracePeriodSeconds: 0
  containers:
  - image: nginx
    command: ["sh","-c","date > /tmp/aa.txt ; sleep 10000"]
    imagePullPolicy: IfNotPresent
    name: n1
    resources: {}
    lifecycle:
      postStart:
        exec:
          command: ["/bin/sh","-c","date >> /tmp/bb.txt"]
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}

[root@k8scloude1 pod]# kubectl apply -f pod3.yaml 
pod/pod3 created

[root@k8scloude1 pod]# kubectl get pods
NAME    READY   STATUS    RESTARTS   AGE
pod3    1/1     Running   0          8s

查看文件可以发现,/tmp/aa.txt /tmp/bb.txt 时间是一致的,就说明两个命令是同时运行的,证明了postStart:容器启动之后执行XXXX,和主进程是同时运行起来的,并没有先后顺序。

[root@k8scloude1 pod]# kubectl exec -it pod3 -- bash
root@pod3:/# cat /tmp/aa.txt /tmp/bb.txt 
Thu Jan 13 07:40:24 UTC 2022
Thu Jan 13 07:40:24 UTC 2022
root@pod3:/# exit
exit

#删除pod
[root@k8scloude1 pod]# kubectl delete -f pod3.yaml 
pod "pod3" deleted

现在添加preStop处理函数:在容器关闭之前执行"/bin/sh","-c","date >> /tmp/bb.txt ; sleep 100",打印日期到/tmp/bb.txt文件,并休眠100秒。

[root@k8scloude1 pod]# vim pod4.yaml 

[root@k8scloude1 pod]# cat pod4.yaml 
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: pod3
  name: pod3
spec:
  terminationGracePeriodSeconds: 600
  containers:
  - image: nginx
    command: ["sh","-c","date > /tmp/aa.txt ; sleep 10000"]
    imagePullPolicy: IfNotPresent
    name: n1
    resources: {}
    lifecycle:
      postStart:
        exec:
          command: ["/bin/sh","-c","date >> /tmp/bb.txt"]
      preStop:
        exec:
          command: ["/bin/sh","-c","date >> /tmp/bb.txt ; sleep 100"]
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}

[root@k8scloude1 pod]# kubectl apply -f pod4.yaml 
pod/pod3 created

[root@k8scloude1 pod]# kubectl get pod
NAME    READY   STATUS    RESTARTS   AGE
pod3    1/1     Running   0          7s

运行一段时间后,删除pod,在容器关闭之前执行preStop的命令,preStop执行完成之后,主程序还要运行10000秒,但是宽限期terminationGracePeriodSeconds只有600s,所以600秒之后pod被删除

[root@k8scloude1 pod]# kubectl delete pod pod3 
pod "pod3" deleted
^C

#强制删除pod
[root@k8scloude1 pod]# kubectl delete pod pod3 --force
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
pod "pod3" force deleted

四.如何优雅的关闭nginx pod

说明: 当一个 Pod 被删除时,执行kubectl get pod 命令会展示这个 Pod 的状态为 Terminating(终止)。 这个 Terminating 状态并不是 Pod 阶段之一。 Pod 被赋予一个可以体面终止的期限,默认为 30 秒。 你可以使用 --force 参数来强制终止 Pod。

由于nginx默认是fast shutdown,关闭的时间一般小于30秒,如果想优雅的关闭nginx,可以在关闭容器之前运行nginx -s quit ,达到优雅的关闭nginx的效果

[root@k8scloude1 pod]# vim pod5.yaml 

#preStop处理函数指定在容器关闭之前执行"/bin/sh","-c","/usr/sbin/nginx -s quit"
[root@k8scloude1 pod]# cat pod5.yaml 
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    run: pod5
  name: pod5
spec:
  terminationGracePeriodSeconds: 600
  containers:
  - image: nginx
    command: ["sh","-c","date > /tmp/aa.txt ; sleep 10000"]
    imagePullPolicy: IfNotPresent
    name: n1
    resources: {}
    lifecycle:
      postStart:
        exec:
          command: ["/bin/sh","-c","date >> /tmp/bb.txt"]
      preStop:
        exec:
          command: ["/bin/sh","-c","/usr/sbin/nginx -s quit"]
  dnsPolicy: ClusterFirst
  restartPolicy: Always
status: {}

[root@k8scloude1 pod]# kubectl apply -f pod5.yaml 
pod/pod5 created

[root@k8scloude1 pod]# kubectl get pod
NAME   READY   STATUS    RESTARTS   AGE
pod5   1/1     Running   0          5s

[root@k8scloude1 pod]# kubectl delete pod pod5 
pod "pod5" deleted
^C
[root@k8scloude1 pod]# kubectl delete pod pod5 --force
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.
pod "pod5" force deleted